Fixed #35520 -- Avoided opening transaction for read-only ModelAdmin requests.

author: Jake Howard <git@theorangeone.net> 2024-06-11 19:27:49 +0100
committer: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> 2024-07-04 11:38:58 +0200
commit: 53e674d5744faad61e52d8459c9198b2aa6f63dd (patch)
tree: 0b2de1867fbec42098705ae834ff9fa2af33f78f /django/contrib/admin
parent: 31837dbcb36f1ab57fb1b16cb0b126c55a1bdf01 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/django/contrib/admin/options.py b/django/contrib/admin/options.py
index 9cc891d807..e8760c2931 100644
--- a/django/contrib/admin/options.py
+++ b/django/contrib/admin/options.py
@@ -1814,6 +1814,9 @@ class ModelAdmin(BaseModelAdmin):
 
     @csrf_protect_m
     def changeform_view(self, request, object_id=None, form_url="", extra_context=None):
+        if request.method in ("GET", "HEAD", "OPTIONS", "TRACE"):
+            return self._changeform_view(request, object_id, form_url, extra_context)
+
         with transaction.atomic(using=router.db_for_write(self.model)):
             return self._changeform_view(request, object_id, form_url, extra_context)
 
@@ -2175,6 +2178,9 @@ class ModelAdmin(BaseModelAdmin):
 
     @csrf_protect_m
     def delete_view(self, request, object_id, extra_context=None):
+        if request.method in ("GET", "HEAD", "OPTIONS", "TRACE"):
+            return self._delete_view(request, object_id, extra_context)
+
         with transaction.atomic(using=router.db_for_write(self.model)):
             return self._delete_view(request, object_id, extra_context)
author	Jake Howard <git@theorangeone.net>	2024-06-11 19:27:49 +0100
committer	Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>	2024-07-04 11:38:58 +0200
commit	53e674d5744faad61e52d8459c9198b2aa6f63dd (patch)
tree	0b2de1867fbec42098705ae834ff9fa2af33f78f /django/contrib/admin
parent	31837dbcb36f1ab57fb1b16cb0b126c55a1bdf01 (diff)